Rather easy EXE infector

A very simple way of infecting EXEs. Not practical but quite useful. All it does is append the original code to a stub, which will execute itself first then the original code. IMO I prefer entry point hijacking and reconstructing the whole PE file. However, that method would not work on encrypted EXEs. This is where this method comes in.

There are different ways of executing the original code. In this example, I just duplicate the infected file and remove the stub and let the Windows loader take care of the rest. The duped file is hidden in the same folder but can also be extracted to a different folder.

The stub then waits for the duplicated file and deletes it after its process terminates.

A more effective way is to find EXEs in current directory, infect them then move up to parent folder and up to a specified depth.

No error checking, just straight up execution and no optimizations. Does not check if file is already infected. It will impregnate the file even more if infector.exe is run multiple times.
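
From the defender's side, the layout described in this post (a stub with the complete original EXE appended after it) leaves a second PE image in the file's overlay, past the end of the last section. The Python below is an added example, not code from the post: it flags that condition, using a constructed minimal PE-shaped sample built by the hypothetical helper `make_pe`.

```python
import struct

def _is_pe_at(data: bytes, off: int) -> bool:
    """True if a DOS header at `off` points to a 'PE\\0\\0' signature."""
    if data[off:off + 2] != b"MZ" or off + 0x40 > len(data):
        return False
    e_lfanew, = struct.unpack_from("<I", data, off + 0x3C)
    return data[off + e_lfanew:off + e_lfanew + 4] == b"PE\0\0"

def end_of_sections(data: bytes) -> int:
    """File offset where the last section's raw data ends (overlay start)."""
    if not _is_pe_at(data, 0):
        raise ValueError("not a PE file")
    pe, = struct.unpack_from("<I", data, 0x3C)
    nsec, = struct.unpack_from("<H", data, pe + 6)       # NumberOfSections
    opt_size, = struct.unpack_from("<H", data, pe + 20)  # SizeOfOptionalHeader
    table = pe + 24 + opt_size                           # section table start
    end = table + nsec * 40
    for i in range(nsec):
        # SizeOfRawData and PointerToRawData sit at +16 and +20 in each entry
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + i * 40 + 16)
        end = max(end, raw_ptr + raw_size)
    return end

def appended_pe_offset(data: bytes):
    """Offset of a second PE image found in the overlay, or None."""
    pos = data.find(b"MZ", end_of_sections(data))
    while pos != -1:
        if _is_pe_at(data, pos):
            return pos
        pos = data.find(b"MZ", pos + 1)
    return None

def make_pe(body: bytes) -> bytes:
    """Constructed sample: DOS header, COFF header, one section holding `body`."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    raw_ptr = len(dos) + len(coff) + 40
    sect = (b".text\0\0\0"
            + struct.pack("<IIII", len(body), 0x1000, len(body), raw_ptr)
            + b"\0" * 16)
    return dos + coff + sect + body

if __name__ == "__main__":
    clean = make_pe(b"\x90" * 32)            # constructed stand-alone file
    wrapped = clean + make_pe(b"\xCC" * 16)  # constructed stub + appended EXE
    print(appended_pe_offset(clean), appended_pe_offset(wrapped))
```

Legitimate installers and self-extracting archives also carry overlay data, so a hit is a triage signal to combine with signature status and file provenance rather than a verdict.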

Without malware we wouldn't need AV companies. Then we could have more cool things instead of broken computers.

So I guess you have no example that doesn't involve malware?

Without broken computers there wouldn't be malware, and then there wouldn't be AV companies. And without Govt. backdoors and poor coding skills and hunger for money, there wouldn't be broken computers.

Creating malware is like burning down houses. All houses are susceptible to being burnt down but that doesn't mean we should be burning them down just to force us into making more robust houses. And just like malware, burning down houses creates no net positive for society, it just makes everyone waste time and effort to rebuild.

But the people who rebuild the houses love to do so because they are hungry for money, and sometimes they'll burn down some houses themselves just to be the ones to get hired to rebuild the houses.

Wonder why AVs cook up stories about malware that no one has even heard of and force you to buy/upgrade their software. Hell, they even make their software deliberately "incompatible" with other security software so their malware doesn't get flagged by their competitors.

They have to sell product (as insecure as it is), it has nothing to do with your expectations (about its stability/satisfaction/whatever). It works (up to some measure), then it can be sold. Nothing personal, just business.

AV authors can (and probably would) intimidate regular users to use (and buy) their products, just as houseware manufacturers insist that their products will make our living safer. They both lie, in a way. It's about how long would you go to check it.

typedef: I'm sure you have some positive examples. How about a binary tree? Or a minimal Android example?

If an agency contacted me to create malware software, I'd refuse their business and tell them that it goes against my philosophy that software should be productive and not destructive to the user. Knowledge of LL concepts, machine code, executable formats, etc, can be used in a positive way; example: dynamic binary translator to/from X86+ARM. Just my thoughts.

No malware here

Alright, after eleven off-topic responses, maybe someone should comment on the actual tutorial.

typedef, you have provided a generic EXE wrapper template. The code is written cleanly, it is easy to understand, and when I tried it briefly, it worked as expected (WIN7 Home Edition; no serious virus scanner installed). Insofar it is a very nice addition for the "Examples and Tutorials" section of this board. Congratulations!

What needs a bit more work in the future is how you describe your contributions. By needlessly (and incorrectly!) framing your "EXE wrapper" as an "EXE infector" you achieved several things that you probably don't want: (a) you made yourself look like an attention-whoring 14-year-old, (b) you invited the useless weirdo discussion about malware that you now got, rather than receiving useful feedback from competent people, and (c) people interested in EXE wrapping for legit purposes will ignore your tutorial because its context shouts "filth, smut, danger" loudly enough to make them not even look at the code. No congratulations on that.

a machine is dumb (mov eax,ebx lea eax,[eax*5] etc...) it does what you tell it to do.
malware just involves the same instructions as regular software, but they are arranged in order to break the system...

then, it is not the laziness of system developers or whatever, but just the will of malware writers to make malwares.

you can virtually write malwares for any programmable machine, from a heater regulator to a cray, but it is just malware.

the goal of software is not to reproduce the genetically altered things we see in hospitals, but to make cooler and cooler stuff.

maybe malware can bring some bricks to the future of computing, by highlighting some basic mechanisms of attacks and study some ways to avoid them... but there will always be malware writers, even for the more secure platform.

then, what is the goal of security? take 30%, 60%, 99% of the machine just to protect it???

ridiculous.

the size of AV softwares is just a big insult to the freedom's and the efficiency's needs of this time.

i don't believe malware are cool at all.

first, it is a pure waste of time to create malwares, the creativeness of malware writers is poorly exploited.
second, it is a pure waste of resources, the machines running malwares will use energy and hardware to do that, and what it does is clearly useless.

anybody can tell you that bill gates became what he is now by writing goodwares (not malwares).
what he did was to make useful OS and suites, used by billions of people, and it is not cause it is microsoft, it is not also cause he was the son of somebody, but just cause he focused on creativity and usefulness of his products.

of course, m$ is $hit, but a cool $hit, and i don't believe that anybody here never used a m$ product at least one time in his life...

in fact, malwares are just the product of jealous people that consider windows as the shit of the century...

in my opinion, the real shit is more a military product like kalashnikov, or a chemical like DDT, or something really dangerous...

and that's the reason why bill gates became what he is now. he didn't create malwares and weapons, but just softwares used by the weapons designers.

hem...

bill gates is not a model to follow, but he is not the problem to fight.
and writing malwares is always possible, even a fortress can be attacked. then, what do we need?

computers or fortress?

i need computer to do cool things, not fortress to hide behind with fear.

and windows 98 is really cool cause now, it can no longer browse the internet cause the new scripts norms are not supported
then, win98 is just a pure machine, able to do stuff like they did before internet generalisation.

for example, win98 supports very well the sockets and that is very cool to try networks designs

So creating malware is useless but legal. Using malware to destroy other people's PCs is a crime. And creating matches is useless but legal. Using matches to burn down other people's houses is a crime.

Further, nobody would have malware problems or need "AV" (= malware) if hardware and OS'es were designed properly.
